我有 spring-security-oauth2 应用程序,它是一个 ResourceServer。我们有定制 PrincipalExtractor
构建自定义 Principal 对象的类。此自定义 Principal 对象不扩展 Principal
或 UserDetails
class CustomUser{
//some custom fields
}
class CustomPrincipalExtractor implements PrincipalExtractor{
@Override
public CustomUser extractPrincipal(Map<String, Object> map){
return new CustomUser(map);
}
}
class SomeController{
@GetMapping
public ResponseEntity(@AuthenticationPrincipal CustomUser user){
//able to get user object
}
}
上面的代码工作正常。现在我想测试 Controller ,但无法传递 CustomUser 实例。
@SpringBootTest
@AutoConfigureMockMvc
public class SomeControllerTest{
@Autowired
private MockMvc mockMvc;
@Test
public void test(){
mockMvc.perform(get(...).principal(CANNOT pass CustomUser as it does not implement Principal))
}
}
我查看了一些其他要求自定义的解决方案
HandlerMethodArgumentResolver
但不确定如何配置自动配置的 MockMvc
最佳答案
我必须实现一些解决方法才能完成这项工作。
创建了一个模拟过滤器,用于在 SecurityContext 中设置 Authentication 对象。以下是代码
public class MockSpringSecurityFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
SecurityContextHolder.getContext()
.setAuthentication((Authentication) ((HttpServletRequest) req).getUserPrincipal());
chain.doFilter(req, res);
}
@Override
public void destroy() {
SecurityContextHolder.clearContext();
}
}
在测试中
@Before
public void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(context)
.apply(springSecurity(new MockSpringSecurityFilter()))
.build();
}
@Test
public void test(){
mockMvc.perform(get(...)
.principal(new UsernamePasswordAuthenticationToken(new CustomUser(), null))...
}
关于java - 模拟@AuthenticationPrincipal 参数,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52180555/